Description

BACKGROUND OF THE INVENTION 

1. Field of the Invention

The present invention relates to an apparatus and method for secure distribution of data. More particularly, the present invention relates to an apparatus and method for secure distribution of software, software updates, and configuration data.


2. Description of Related Art 

In today's business environment, data is one of the most valuable resources required for maintaining a competitive edge. As a result, businesses must often be able to maintain data confidentiality, readily determine the authenticity of its data, and closely control access to data. As used herein, the term "data" means a representation of facts, concepts or instructions in a formalized manner suitable for communication, interpretation, or processing by human or automatic means, including, but not limited to, software, software updates, and configuration data.

Data systems commonly consist of many types and sizes of computer systems that are interconnected through many different electronic data networks. It is now common for an organization to interconnect its data systems with systems that belong to customers, vendors, and competitors. Lar[...]

or they might provide continual services. For purposes herein, "computer" includes a device capable of performing the functions of a Turing Machine, including a microcomputer, minicomputer, or mainframe computer. A Turing Machine is a well-known computer science concept and is explained in Encyclopedia of Computer Science, Ed. Anthony Ralston, ISBN 0-88405-321-0, which is specifically incorporated herein by reference. "Memory" includes a device or devices for storing data for use by a computer, including electronic, magnetic and electro-magnetic memory.

A combination of elements must work together to achieve a more secure environment. A security policy, based on an appraisal of the value of the data and potential threats to that data, provides [...]

Security functions can be categorized as follows:

* Identification and authentication. Identifies users to the system and provides proof that they are who they claim to be.

* Access control. Determines which users can access which resources.

* Data confidentiality. Protects an organization's sensitive data from unauthorized disclosure.

* Data integrity. Ensures that data is in its original form and that it has not been altered.

* Security management. Administers, controls, and reviews a business's security policy.

* Nonrepudiation. Assures that the message was sent by the appropriate individual.

Cryptography includes a set of techniques for scrambling or disguising data so that it is available only to someone who can restore the data to its original form. [...] the current basis for keeping data confidential and for verifying [...]. Cryptography: A New Dimension in Computer Data Security: A Guide for the Design and Implementation of Secure Systems, by Carl H. Meyer and Stephen M. Matyas, ISBN 0-471-04802-5, John Wiley & Sons, Inc. (1982), is a classic text on the design and implementation of cryptographic systems, which is specifically incorporated herein by reference.

For commercial business applications, the cryptographic process known as the Data Encryption Algorithm (DEA) has been widely adopted. The Data Encryption Standard (DES), as well as other documents, defines how to use the DEA to encipher data. Federal Information Processing Standards Publication 46, which defines DES, is reprinted in the Meyer & Matyas text. Many other processes for [...] identification numbers (PINs), are based on [...]

processes the data. A DES key is a very small piece of data (56 bits) that is normally retained in 8 bytes. The same key is used to transform the original data (plaintext) to its disguised, enciphered form (ciphertext) and to return it to its plaintext form. Because the DES algorithm is common knowledge, one must keep the key secret to make the data confidential; otherwise, someone who has the key that one used to encipher the data would be able to decipher the data. Key management refers to the procedures that are used to keep keys secret.

To confirm the integrity of data, one can use the DES algorithm to compute a message authentication code (MAC). Used in this way, the DES algorithm is a powerful tool; it is almost impossible to meaningfully modify the data and still have it produce the same MAC for a given key. The standardized approaches authenticate data such as financial transactions, passwords, and computer programs.

After the MAC has been computed, it is sent with the data. To authenticate the data, the system uses the DES algorithm to recompute the MAC; the system then compares this result with the MAC that was sent with the data. Someone could, of course, change both the data and the MAC; therefore, the key that is used to compute the MAC must be kept secret between the MAC's originator and the MAC's authenticator.

An alternative approach to data integrity checking uses a standard key value and multiple iterations of the DES algorithm to generate a modification detection code (MDC). In this approach to data integrity checking, the MDC must be received from a trusted source. The person who wants to authenticate the data recomputes the MDC and compares the result with the MDC that was sent with the data.

Because the DES algorithm has been used for many years, its strength has been well demonstrated. Both software and specialized hardware can implement the DES algorithm. A hardware solution is often desirable for the following reasons:

* the algorithm requires many computer instructions to be processed

* the keys must be protected so that they can remain secret

* performance can be improved

If a data security threat comes from an external source, a software implementation of the cryptographic algorithm might be sufficient; unfortunately, however, much fraud originates with individuals within an organization (insiders). As a result, specialized cryptographic hardware can be required to protect against both insider and outsider data security threats. Well-designed hardware can do the following:

* ensure the security of cryptographic keys

* ensure the integrity of the cryptographic processes

* limit the key-management activities to a well-defined and carefully controllable set of services

The DES algorithm, which has been proven to be efficient and strong, is widely known; however, the keys must normally remain secret. Because the same key is used both to encipher the data and to decipher the data, the process is said to be symmetric; it uses a symmetric key.

In another type of cryptographic process, an asymmetric process, one key is used to encipher the data, while a different but corresponding key is used to decipher the data to its original form. A system that uses this type of process is known as a public-key system. The key that is used to encipher the data is widely known, but the corresponding key for deciphering the data is secret. For example, many people who know a person's public key can send enciphered data to that person confidentially.

Public-key cryptographic algorithms have been incorporated into processes for simplifying the distribution of secret keys and for assuring data integrity, including [...]. These techniques are discussed in more detail in the Meyer & Matyas text.

Public-key algorithms (e.g., the RSA algorithm, by R. Rivest, A. Shamir, and L. Adleman) use a very large key and use even more computer time than the DES algorithm. The use of a public-key system is, therefore, often restricted to situations in which [...]

In both the DES and RSA algorithms, no practical means exists to identically cipher data without knowing the cryptographic key; therefore, keeping a key secret at a cryptographic node is essential to real systems. However, this often does not provide sufficient protection. If adversaries have access to the cryptographic process and to certain protected keys, they could possibly misuse the keys. [...] must be in place to protect and distribute cryptographic keys in a secure manner.

Access control protects data by allowing only persons or programs with a legitimate need to access system resources, such as a file, selected records or fields in a file, a hardware [...]. Access control uses the following services:

* Identification and verification. Identification is the ability to use a unique name, label, or other reference to identify each user or program to the system. [...] what they claim to be. (Verification is also known as "authentication".)






EP 0 706 275 A2 



* Authorization. Authorization is the process whereby users or programs are restricted to specific resources, such as data sets, programs, or transactions. (Authorization is also known as "access control".)

* Enforcement. Enforcement is a subsystem process of verifying the requester's authorization.

In systems that consist of multiple computers, it is increasingly necessary for persons or programs at one system to be able to convince persons or programs in another system that they [...]. [...] to this problem involve the following:

* using local access controls

* using cryptographic processing to ensure the authenticity of a process

* ensuring that the authorization information is confidential

Many computer products and peripherals now have their [...] separate from the computer itself, in the form of integrated microprocessors [...]

For example, the IBM 4755 Cryptographic Adapter is a device which includes a microprocessor, memory, and programming logic mounted on a printed circuit board. Functions are housed within a tamper-resistant module, or secured area, for protection, such as that discussed more fully in U.S. Pat. No. 5,027,397, which is specifically incorporated herein by reference. The IBM 4755 is a component of the IBM Transaction Security System, discussed in the IBM publication entitled "Transaction Security System: General Information Manual and Planning Guide" (QA34-2137-0), U.S. Pat. No. 5,048,085, and U.S. Pat. No. 5,148,461, which are specifically incorporated herein by reference.

Typically, two kinds of memory are associated with these microprocessors: permanent (unalterable or nonvolatile) memory for the program; and volatile memory [...] Memory (ROM), Programmable [...]. Volatile memory is [...] is removed.

Newer technologies allow the designer to use memory which is nonvolatile, but reprogrammable. That is, memory in which the data can be changed, but the contents are retained when the power is off. Several technologies can be used to obtain these characteristics. Flash EPROM (FEPROM) permits areas of memory to be erased electronically and then reprogrammed. Electrically Erasable PROM (EEPROM) permits individual bytes or bits to be rewritten much like RAM memory. Complementary Metal-Oxide Semiconductor (CMOS) RAM with battery back-up uses little power and retains RAM contents when system power is off.

These newer kinds of memory can be used in two ways to improve the value of the product.

First, if some or all of the microprocessor program is stored in nonvolatile, reprogrammable memory, the program can be changed after the product is manufactured. Thus, new features can be added and errors can be corrected. This prevents product obsolescence and protects the manufacturer from high warranty costs when errors occur.

Second, data stored in the memory can control the configuration of the product. One such use is to selectively enable or disable product features. In this way, the manufacturer [...] of applications which need different features. Users can be charged for an upgrade to enable new features, which will be highly profitable to the manufacturer since no new hardware has to be shipped or installed.

There are many circumstances [...] subset of the total population of [...] the underlying hardware [...] the manufacturer may want to apply the upgrade only to devices which have:

* a particular model number

* a manufacture date within a particular range of dates

* a particular version of software installed

* a certain range of serial numbers

* a specific combination of features

It is easy to see why this kind of flexibility [...] impediment to its use, however: security.
Both the manufacturer and user want to be sure they have control over programs that are loaded into the memory. The manufacturer may want to make sure only its programs are used, to ensure the programs meet quality and performance standards. The manufacturer may also want to prevent anyone from learning how the software works, or what the data is that is being sent to the user. The user, on the other hand, wants to make sure the programs in the devices are valid, and prevent any that might malfunction, or which might pose a security threat. An example of a security threat would be a "Trojan horse" program which would normally operate correctly, but which had "secret" features to circumvent the user's security practices, or to divulge the user's secret information.

Typically, there will be one source for all field upgrades to code or configuration data, although other scenarios are possible. For the purposes of discussion, assume that the device manufacturer is the only valid source of code or data updates; and the device is a security adapter card, with a secured area or module where data [...]. The problem can then be described with two fundamental requirements:

First, data sent to the user must be kept secret. It must be impossible for anyone to discover or modify the contents of the data.

Second, the user must be able to verify that the data came from the valid source (e.g., the manufacturer). This is a form of non-repudiation.

SUMMARY OF THE INVENTION 

The present invention overcomes the disadvantages and [...] method for secure distribution of software, software updates, and configuration data. Cryptography is used to protect software or data updates sent to computer products or peripherals using non-secure distribution channels. In the preferred embodiment, the contents of the data cannot be read by anyone who obtains the data, and the data will not be accepted unless it is unmodified and originated with the valid source for such data.

An advantage of the invention is to provide an apparatus and method for secure distribution of software, software updates, and configuration data.

Another advantage of the invention is to provide an apparatus and method wherein data stored in memory controls the configuration of a product so as to selectively enable or disable product features.

Yet another advantage of the invention is to provide an apparatus and method wherein data stored in memory controls the acceptance or rejection of proposed data for a product.

The foregoing and other advantages of the present invention will be apparent to [...] handling technology in view of the accompanying [...] description of the invention, and appended claims.

BRIEF DESCRIPTION OF THE DRAWINGS 

FIG. 1 is a block diagram depicting a computer system and associated cryptographic system, wherein an enlargement of an embodiment of the [...]

FIG. 2 is a block diagram of an embodiment of the invented apparatus for secure distribution of software, software updates, and configuration data employing public key cryptography.

FIG. 3 is a flowchart of an embodiment of the invented method for secure distribution of software, software updates, and configuration data employing public key cryptography.

FIG. 4 is a block diagram of an embodiment of the invented apparatus for secure distribution of software, software updates, and configuration data employing public key cryptography and symmetric key cryptography.

FIG. 5 is a flowchart of an embodiment of the invented method for secure distribution of software, software updates, and configuration data employing public key cryptography and symmetric key cryptography.

FIG. 6 is a depiction of criteria information in tabular form.

DESCRIPTION OF THE PREFERRED EMBODIMENT

Referring now to FIG. 1, a computer or computer system 10 is shown which includes a cryptographic system 12 comprising a microprocessor 14, memory 16, and cryptographic functions 18 mounted upon a device or adapter card 20. The microprocessor, memory, and cryptographic functions are housed within a secured area or module 22.

As shown in FIG. 2, a public key KPU is installed in the adapter card 20. Cryptographic system 12 includes the public key algorithm (e.g., RSA). The corresponding private key KPR would be held by, for example, the adapter card manufacturer, in a secure, secret manner so it would never be disclosed outside the manufacturer's organization. Preferably, the data is protected twofold:

First, as shown in FIG. 2, data, D, is encrypted by a public key cryptographic system 24 using the private key, KPR, or as shown in FIG. 4, data is encrypted by a symmetric key cryptographic system 25 using the symmetric key, KS. This provides the necessary secrecy; the data content cannot be determined by anyone intercepting the data, and any modification to the encrypted data will render it invalid.

Second, in FIGS. 2 and 4, a digital signature on the data is computed and sent to the adapter card users using a digital signature generator 26. This signature is verified before the data is accepted by digital signature verifier 28, which can be a component of cryptographic function 18 or a separate function as shown. Preferably, cryptographic function 18 includes both a public key cryptographic system 18a and a symmetric cryptographic system 18b. A verified digital signature proves that the data has not been altered [...] the manufacturer.

Two embodiments of the invention are described below.

Using only public key cryptography

The first four steps in FIG. 3 are performed by the manufacturer, who sends the resulting data to the users. The remaining steps are performed by the user to load the data into the adapter card.

The manufacturer first generates the data to be loaded into the [...] D. The manufacturer already possesses private key KPR, and the corresponding public key KPU is with every adapter card manufactured. The key KPU may be embedded in the adapter card, or [...] other medium if it is protected against substitution (e.g., by a certification process). It does not need to be kept secret in order to maintain integrity of the loaded data.

In step 110, the manufacturer [...]. The digital signature is optional. Its use enhances the ability to prove the source of the [...] successfully without a signature. The digital signature function is represented as dsig(). The signature will be verified before the data is accepted by the adapter card, assuring it came from the manufacturer.

In step 120, the data D is encrypted using the private key algorithm with key KPR. This protects the data from disclosure or modification prior to its installation in the adapter card. The [...] algorithm, such as the RSA algorithm.

The manufacturer, in step 130, sends the encrypted data pke(D) and the digital signature dsig(D) to the card users through any convenient channel; diskettes, electronic mail, or any other medium is sufficient. The user receives this information, and loads the data and signature into the secured area of the adapter card in step 140.

In step 150, the adapter decrypts the data using the public key KPU. In step 160, the digital signature is verified using the same key. If the signature verifies, the data must have been created by the manufacturer, who holds the private key KPR. Once the data has been decrypted and its validity has been determined, the data is applied to the nonvolatile memory in the adapter card, step 180; otherwise, the information is discarded, step 170.

Only the private key KPR needs to be kept secret. The public key KPU is present in every copy of the device, and there is no security exposure if its value is divulged. The nature of the public key algorithms guarantees that the private key cannot be determined from the public key.



Using public key and symmetric key cryptography

Alternatively, the data can be encrypted using a symmetric key cryptographic algorithm (e.g., DES) instead of the public key algorithm used above. With current technology, symmetric key algorithms are generally faster to compute than public key algorithms, so this [...] each time new data is produced.


In step 210, a random symmetric key KS is generated. [...] manufacturer must send it to them in a secure manner. In step 220, KS is encrypted with a public key algorithm using the private key KPR.

In step 230, the manufacturer computes [...]. In step 240, the data is encrypted using the symmetric key algorithm with key KS. The encrypted KS, the encrypted data, and dsig(D) are all sent to the user in step 250.

In step 260, the data is received at the user site where adapter cards are installed. The data is loaded into the secured area of the card in step 270, in which KPU is used to decrypt the symmetric key KS using the public key algorithm. In step 280, the recovered KS is used to decrypt the data using the symmetric key algorithm.

In step 290, the digital signature is verified using KPU in order to verify the [...]. If the signature verifies, it means that both the data D and the key KS were valid; in this case, the data is loaded into the nonvolatile memory on the adapter card and enabled for use, step 310. These calculations are preferably performed inside the secured area, so there is no threat of data manipulation while the data is recovered and verified.
With either method described above, other checking codes could be used as an alternative to the digital signature. An MDC, cyclic redundancy check (CRC), or any other valid checking code could be calculated over the data and appended to the data before it is encrypted. Once the data has been decrypted, this value could be verified against the recovered data. If it verifies, the data is correct and originated with the holder of the private key KPR.
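The FIG. 5 exchange (steps 210 to 310) can be followed end to end in a small model. The following Python is an added illustration, not code from the patent: textbook RSA on constructed tiny primes stands in for the public key algorithm and a SHA-256 keystream stands in for DES, so the primes, key sizes and cipher are assumptions for demonstration only.

```python
"""Toy model of the FIG. 5 flow: the manufacturer side (steps 210 to 250)
and the adapter card side (steps 260 to 310).  Added illustration, not the
patent's code.  Assumptions: textbook RSA on constructed tiny primes stands
in for the public key algorithm, a SHA-256 keystream XOR stands in for DES,
and dsig(D) is textbook RSA applied to SHA-256(D).  Nothing here is secure;
it only shows the data flow and where each check happens."""
import hashlib
import os

# --- textbook RSA on constructed tiny primes (demo only) -------------------
P, Q = 1000003, 1000033          # constructed primes, far too small for real use
N = P * Q
E = 65537
KPU = (E, N)                                  # public key: in every adapter card
KPR = (pow(E, -1, (P - 1) * (Q - 1)), N)      # private key: manufacturer only
BLOCK = 4                                     # 4-byte blocks are always < N


def to_blocks(data):
    """Split bytes into integers of BLOCK bytes (length must be a multiple)."""
    return [int.from_bytes(data[i:i + BLOCK], "big")
            for i in range(0, len(data), BLOCK)]


def from_blocks(blocks):
    """Inverse of to_blocks; raises OverflowError if a block no longer fits."""
    return b"".join(b.to_bytes(BLOCK, "big") for b in blocks)


def rsa_apply(key, blocks):
    """Raise each block to the key's exponent mod N.  Applying KPU undoes KPR
    and vice versa, which is the property both pke() and dsig() rely on."""
    exp, n = key
    return [pow(b, exp, n) for b in blocks]


def sym_crypt(ks, data):
    """Stand-in for DES under key KS: XOR with a SHA-256 counter keystream.
    Encryption and decryption are the same operation."""
    out = bytearray()
    for i in range(0, len(data), 32):
        stream = hashlib.sha256(ks + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], stream))
    return bytes(out)


def manufacturer_prepare(d, kpr=KPR, ks=None):
    """Steps 210 to 250: build the package that travels over the open channel."""
    ks = ks if ks is not None else os.urandom(16)                 # 210: random KS
    enc_ks = rsa_apply(kpr, to_blocks(ks))                        # 220: KS under KPR
    dsig = rsa_apply(kpr, to_blocks(hashlib.sha256(d).digest()))  # 230: dsig(D)
    enc_d = sym_crypt(ks, d)                                      # 240: D under KS
    return {"enc_ks": enc_ks, "enc_d": enc_d, "dsig": dsig}       # 250: send all


# Note: every holder of KPU can undo step 220 exactly as the card does, so the
# secrecy of D rests on KPU staying inside the secured area (see claim 6).
def adapter_load(pkg, kpu=KPU):
    """Steps 260 to 310, as run inside the secured area.  Returns the recovered
    data D if the signature verifies, else None (the package is discarded)."""
    try:
        ks = from_blocks(rsa_apply(kpu, pkg["enc_ks"]))           # 270: recover KS
    except OverflowError:                                         # not made under KPR
        return None
    d = sym_crypt(ks, pkg["enc_d"])                               # 280: recover D
    expected = to_blocks(hashlib.sha256(d).digest())
    if rsa_apply(kpu, pkg["dsig"]) != expected:                   # 290: verify dsig(D)
        return None                                               # 300: discard
    return d                                                      # 310: load, enable
```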

Use of information in the data as decision criteria

Once the data has been loaded into the adapter card, the decision of whether to permit the data to be employed can be made a function of information and/or instructions contained within the data itself.

In one embodiment, software contained in the device is used to compare criteria information in the data with basic information already contained in the device. Examples of such basic information include:

* serial number

* model codes

* date of manufacture

* version of software currently installed

* codes describing installed or available features

The basic information in the device is stored in memory (including hardware registers, permanent software, or resident loadable software). The criteria information is preferably included in the data in tabular form, for example, as shown in FIG. 6. The data, and therefore the criteria information, is securely distributed in the manner described in the previous sections herein. Control software within the device compares the criteria information with the basic information in order to decide whether to apply the data.

The pseudocode in Table 1 is an example of how the criteria information from the table would be processed. Each item in the table would be compared with the appropriate information in the device, and the results of the comparisons would be used to determine whether the data should be applied to the particular device.

TABLE 1

    Load_Permitted = FALSE;
    If SN_Min <= SN <= SN_Max then Do;
      If DT_Min <= DT <= DT_Max then Do;
        If Min_HW_Level <= HW_Level <= Max_HW_Level then Do;
          If Min_SW_Level <= SW_Level <= Max_SW_Level then Do;
            Get Feature_Vector;
            If all Features_Required features are present then Do;
              If no Features_Prohibited features are present then Do;
                If Model_List is empty then Load_Permitted = TRUE;
                Else Do While Model_List not empty;
                  Get Test_Model from head of Model_List;
                  If Test_Model = model of this device
                    then Load_Permitted = TRUE;
    If Load_Permitted = TRUE then load data to memory;
    Else Abort loading process



* SN_Min and SN_Max are the lowest and highest serial numbers the device can have for the data to be valid. In the pseudocode in Table 1, the serial number for a specific device is designated SN.

* DT_Min and DT_Max are the earliest and latest dates the device can have for the data to be valid, e.g., the manufacturing date, the microcode creation date, or some other date code. Several different dates could be compared if desired. In the pseudocode in Table 1, the date code for a specific device is designated DT.

* Min_HW_Level and Max_HW_Level are the lowest and highest hardware levels the device can have for the data to be valid. This represents the version of hardware in the device. HW_Level is used in the pseudocode to represent a particular device's hardware level.

* Min_SW_Level and Max_SW_Level are the lowest and highest software levels the device can have for the data to be valid. This represents the version of software in the device prior to application of the data. SW_Level is used in the pseudocode to represent the particular device's software level.

* Features_Required and Features_Prohibited are vectors of boolean values. They represent the features the device must have for the data to be valid, and the features the device must not have for the data to be valid. In the pseudocode, Feature_Vector represents a vector of boolean values representing the features present in a specific device.

* Model_List is a list of product models which are valid targets for the data. An empty list can be used to indicate that the data is valid for all models. Otherwise, the device looks for its own model code in the list; if it is not present, the data will not be applied.
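As an added illustration (not the patent's own code), the Table 1 decision can be written as one function over the device's basic information and the criteria carried in the data. The field names follow the pseudocode and its explanation; the device records and criteria are constructed samples, and the handling of feature vectors of unequal length is an assumption the pseudocode does not cover.

```python
"""Table 1 criteria check as runnable code.  Added illustration, not the
patent's own code.  Field names follow the pseudocode and its explanation;
the device records and criteria below are constructed sample values."""
from dataclasses import dataclass, replace
from datetime import date


@dataclass
class DeviceInfo:
    """Basic information already held in the device (the comparison side)."""
    sn: int                 # serial number, SN
    dt: date                # date code, DT (here: date of manufacture)
    hw_level: int           # HW_Level
    sw_level: int           # SW_Level, before the update is applied
    model: str              # model code
    feature_vector: tuple   # Feature_Vector: True where a feature is present


@dataclass
class Criteria:
    """Criteria information carried inside the securely distributed data."""
    sn_min: int
    sn_max: int
    dt_min: date
    dt_max: date
    min_hw_level: int
    max_hw_level: int
    min_sw_level: int
    max_sw_level: int
    features_required: tuple
    features_prohibited: tuple
    model_list: tuple = ()  # empty Model_List: data is valid for all models


def load_permitted(dev, crit):
    """Return True only if the device satisfies every criterion of Table 1."""
    if not crit.sn_min <= dev.sn <= crit.sn_max:
        return False
    if not crit.dt_min <= dev.dt <= crit.dt_max:
        return False
    if not crit.min_hw_level <= dev.hw_level <= crit.max_hw_level:
        return False
    if not crit.min_sw_level <= dev.sw_level <= crit.max_sw_level:
        return False
    # Vectors of unequal length cannot be compared position by position;
    # treat that as "criteria not met" (assumption: the pseudocode is silent).
    n = len(dev.feature_vector)
    if len(crit.features_required) != n or len(crit.features_prohibited) != n:
        return False
    # all Features_Required present, and no Features_Prohibited present
    if any(req and not have for req, have in zip(crit.features_required, dev.feature_vector)):
        return False
    if any(pro and have for pro, have in zip(crit.features_prohibited, dev.feature_vector)):
        return False
    # empty Model_List accepts every model; otherwise our model code must be listed
    return not crit.model_list or dev.model in crit.model_list


def apply_update(dev, crit, data, memory):
    """The last two lines of Table 1: load data to memory or abort."""
    if load_permitted(dev, crit):
        memory["config"] = data
        return memory
    raise RuntimeError("loading process aborted: device does not meet criteria")


# --- constructed sample values -------------------------------------------
SAMPLE_CRITERIA = Criteria(
    sn_min=1000, sn_max=1999,
    dt_min=date(1993, 1, 1), dt_max=date(1994, 12, 31),
    min_hw_level=1, max_hw_level=3,
    min_sw_level=2, max_sw_level=4,
    features_required=(True, False, False),    # feature 0 must be installed
    features_prohibited=(False, False, True),  # feature 2 must be absent
    model_list=("MODEL-A", "MODEL-B"),
)
CRITERIA_ANY_MODEL = replace(SAMPLE_CRITERIA, model_list=())
DEVICE_OK = DeviceInfo(1500, date(1994, 6, 1), 2, 3, "MODEL-A", (True, True, False))
DEVICE_PROHIBITED = DeviceInfo(1500, date(1994, 6, 1), 2, 3, "MODEL-A", (True, True, True))
DEVICE_WRONG_MODEL = DeviceInfo(1500, date(1994, 6, 1), 2, 3, "MODEL-C", (True, True, False))
DEVICE_TOO_OLD = DeviceInfo(1500, date(1992, 12, 31), 2, 3, "MODEL-A", (True, True, False))
DEVICE_BAD_SN = DeviceInfo(2000, date(1994, 6, 1), 2, 3, "MODEL-A", (True, True, False))


def sample_decisions():
    """Run the check over the constructed devices; used by the self-test."""
    return {
        "ok": load_permitted(DEVICE_OK, SAMPLE_CRITERIA),
        "prohibited": load_permitted(DEVICE_PROHIBITED, SAMPLE_CRITERIA),
        "wrong_model": load_permitted(DEVICE_WRONG_MODEL, SAMPLE_CRITERIA),
        "wrong_model_any_list": load_permitted(DEVICE_WRONG_MODEL, CRITERIA_ANY_MODEL),
        "too_old": load_permitted(DEVICE_TOO_OLD, SAMPLE_CRITERIA),
        "bad_sn": load_permitted(DEVICE_BAD_SN, SAMPLE_CRITERIA),
    }
```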



In an alternative embodiment, one implementation of which is illustratively shown in pseudocode in Table 2, the data itself contains special software ("checking software") to determine if the data should be applied to the device. The data, and therefore the checking software, is securely distributed in the manner described in the previous sections herein. This checking software is not a part of the operational software used in the everyday application of the device. The additional checking software may be optional; if present, it is called by the control software which resides in the device, and it determines whether the data should be applied. The same checking software can also contain special initialization instructions to prepare the device for the new software or data contained in the data.



TABLE 2

    If checking software present in the data then Do;
      Load checking software;
      Verify checking software is valid;
      Abort if invalid;
      Execute checking software;
      If result = "ok to load data" then Do;
        Get data;
        If data is valid
          Then load data to memory;
          Else abort



This embodiment is more flexible [...] the initial device designers. Functions [...]

in operation, this embodiment [...] permanently stored in the device, with additional functions [...]

The function performed by the checking software is completely up to the designer of that software. Its functions would typically be similar to those described for the first embodiment, but could include any checking or initialization deemed necessary by the designer.

A similar approach can be used to provide optional software that would be executed immediately after the data is loaded. This could perform initialization necessary to prepare the updated device for use.

Of course, many modifications and adaptations to the present invention [...] without departing from the spirit of this invention. Further, some features of the present invention could be used without corresponding use of other features. Accordingly, [...] present invention and not in limitation thereof.

Furthermore disclosed is:

1. A method of securely controlling the configuration of a computer system so that features of the system may be [...]:

providing memory which is located within a secured area which is protected from physical and direct electrical access;

executing a program which requires specific information to be stored in the memory to permit the use of specific features of the system; and

updating the specific information with data [...]

2. The controlling method of item 1 including the additional steps of:

encrypting the data at the other computer system under a first key of a public key encryption system; and
decrypting the data within the secured area with a second key of the public key encryption system.

3. The controlling method of claim 22 including the additional steps of:
generating a symmetric key for use with a symmetric cryptography algorithm;
encrypting the data under the generated symmetric key;
encrypting the generated symmetric key under a first key of a public key encryption system;
transferring the encrypted data and the encrypted symmetric key to a processing system which is located within the secured area;
decrypting the received symmetric key within the secured area with a second key of the public key encryption system;
decrypting the received data within the secured area under the decrypted symmetric key with a symmetric cryptography algorithm; and
storing the decrypted data in said memory.

4. The loading method of item 3 wherein the first key is a private key used with said public key encryption system.

5. The loading method of item 3 or 4 wherein the second key is a public key used with said public key encryption system.

6. The controlling method of one of items 1 to 5 wherein the executed program is included in the data originating from the other computer system.

7. The controlling method of one of items 1 to 6 wherein said specific information corresponds to at least one of the following:
serial number of the computer system;
model number of the computer system;
date of manufacture of the computer system;
version of software currently installed in the computer system; and
codes describing installed or available features.

8. The controlling method of one of items 1 to 7 wherein the features of the system are related to software u[...] system.

9. A method of securely controlling the enablement of data loaded in memory within a secured area of a device, said method including the steps of:
providing information within said memory representing at least one characteristic related to said device;
providing criteria information [...];
comparing said criteria information with said at least one characteristic; and
enabling said data to be used within said device if said at least one characteristic meets said criteria information.

10. The controlling method of item 9, wherein at least some portion of said comparing step is p[...]

11. The controlling method of item 9 or 10, wherein said characteristic information corresponds to at least one of the following:
serial number of the device;
model number of the device;
[...]
version of software currently installed in the device; and
codes describing installed or available features.



1. A method of transferring data into a secured area, said method including the steps of:
encrypting (120) said data under a first key of a public key encryption system (24);
transferring (130) said encrypted data to a processing system which is located within said secured area;
decrypting (150) said received data within said secured area with said public key encryption system (24) under a
second key; and
storing said decrypted data within said secured area.

2. The method of claim 1, wherein

said transferring data into a secured area is a loading of data into at least some portion of memory which is located
within said secured area, and
said secured area is protected from physical and direct electrical access, thereby guarding against undesired
detection of said transferred data.

3. A method of loading data into at least some portion of memory which is located within a secured area which is
protected from physical and direct electrical access, thereby guarding against undesired detection of said loaded
data, said method including the steps of:

generating (210) a symmetric key (Ks) for use with a symmetric cryptography algorithm;
encrypting (240) said data under said generated symmetric key (Ks);
encrypting (220) said generated symmetric key (Ks) under a first key of a public key (Kpu) encryption system;
transferring (250) said encrypted data and said encrypted symmetric key (Ks) to a processing system which is
located within said secured area;
decrypting (270) said received symmetric key (Ks) within said secured area with a second key of said public key
(Kpu) encryption system;
decrypting (280) said received data within said secured area with said decrypted symmetric key (Ks) with a
symmetric cryptography algorithm; and
storing said decrypted data into said at least some portion of memory.

4. The method of one of claims 1 to 3, wherein

said first key is a private key (Kpr) used with said public key (Kpu) encryption system.

5. The method of one of claims 1 to 4, wherein

said second key is a public key (Kpu) used with said public key (Kpu) encryption system.

6. The method of one of claims 1 to 5, wherein

said public key (Kpu) is stored within said secured area.

7. The method of one of claims 1 to 6 further including the step of:

adding a code to said encrypted data which is to be transferred for the purpose of authenticating said encrypted data.

8. The method of claim 7 wherein
said code is selected from said group consisting of a digital signature, a modification detection code (MDC), and a
cyclic redundancy check (CRC).

9. The method of claim 7 or 8 further including the step of:
authenticating said decrypted data; and
enabling said decrypted data ... data.

10. A system for securely holding data, said system comprising:

memory means located within a secured area which is protected from physical and direct electrical access;
means for providing a public key (Kpu) within said secured area;
means within said secured ...
means within said secured area for decrypting (150) said r...

11. The system of claim 10 wherein

said decrypted data provides a symmetric key (Ks).

12. The system of claim 11 including:

means within said secured area for receiving data encrypted by a symmetric algorithm under said symmetric key
(Ks);
means for decrypting (280) said data ... key (Kpu); and
means for storing said symmetric key decrypted data in said memory means.

13. The system of one of claims 10 to 12 further including

means for analyzing a code received by said system to authenticate said data received.

14. The system of claim 13, wherein

said code is selected from said group consisting of a digital signature, a modification detection code (MDC), and a
cyclic redundancy check (CRC).

15. A method of securely controlling the configuration of a computer system (10) so that features of said system may
be conveniently enabled or disabled, said method including the steps of:

providing memory which is located within a secured area which is protected from physical and direct electrical
access;
executing a program which requires specific information to be stored in said memory to permit the use of specific
features of said system; and
updating said specific information with data decrypted from encrypted data originating from another computer
system.

16. A method of securely controlling the enablement of data loaded in memory within a secured area of a device, said
method including the steps of:

providing information within said memory representing at least one characteristic related to said device;
providing criteria information within said data to be compared with said at least one characteristic;
comparing said criteria information with said at least one characteristic; and
enabling said data to be used within said device if said at least one characteristic meets said criteria information.
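The hybrid transfer of claim 3, the authentication code of claims 7 to 9 and the criteria check of claim 16, as one added worked example in Go. It is not code from this patent: the Package wire format, the JSON field names, the feature codes and the sample data are all constructed here. One substitution is named plainly: claims 4 and 5 encrypt the symmetric key under the originating system's private key and decrypt it with a public key kept inside the secured area, whereas Go's standard library exposes the conventional direction, so here Ks is wrapped under a public key whose private half stays in the secured area, and the originating system's private key instead produces the digital signature that claims 7 and 8 name as one form of the authentication code.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
)

// Package is a constructed wire format for what claim 3 transfers into the secured area.
type Package struct {
	WrappedKey []byte // Ks encrypted with RSA-OAEP under the secured area's public key (step 220)
	Nonce      []byte // AES-GCM nonce
	Ciphertext []byte // data encrypted under Ks (step 240)
	Signature  []byte // RSA-PSS signature by the originating system over Ciphertext (the claim 7 code)
}

// Payload is the decrypted data; Model and MinVersion are claim 16's criteria (hypothetical names).
type Payload struct {
	Model      string   `json:"model"`
	MinVersion int      `json:"min_version"`
	Features   []string `json:"features"`
}

// SampleData is constructed input: criteria plus the feature codes it would enable.
var SampleData = []byte(`{"model":"X100","min_version":3,"features":["ecc-memory","fast-serial"]}`)

var ErrCriteria = errors.New("device does not meet criteria; data not enabled")

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal is the originating system's side: claim 3 steps 210 to 250 plus the claim 7 code.
func Seal(data []byte, signKey *rsa.PrivateKey, wrapKey *rsa.PublicKey) (*Package, error) {
	buf := make([]byte, 32+12) // step 210: fresh 256-bit Ks, followed by a 96-bit GCM nonce
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	ks, nonce := buf[:32], buf[32:]
	gcm, err := newGCM(ks)
	if err != nil {
		return nil, err
	}
	ct := gcm.Seal(nil, nonce, data, nil)
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, wrapKey, ks, nil)
	if err != nil {
		return nil, err
	}
	d := sha256.Sum256(ct)
	sig, err := rsa.SignPSS(rand.Reader, signKey, crypto.SHA256, d[:], nil)
	if err != nil {
		return nil, err
	}
	return &Package{WrappedKey: wrapped, Nonce: nonce, Ciphertext: ct, Signature: sig}, nil
}

// Open runs inside the secured area: authenticate (claim 9) before step 270 (unwrap Ks) and step 280.
func Open(p *Package, unwrapKey *rsa.PrivateKey, verifyKey *rsa.PublicKey) ([]byte, error) {
	d := sha256.Sum256(p.Ciphertext)
	if err := rsa.VerifyPSS(verifyKey, crypto.SHA256, d[:], p.Signature, nil); err != nil {
		return nil, fmt.Errorf("authentication failed: %w", err)
	}
	ks, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, unwrapKey, p.WrappedKey, nil)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(ks)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, p.Nonce, p.Ciphertext, nil) // GCM's tag also rejects a modified nonce
}

// Enable applies claim 16: the device's model and software version (its characteristic
// information in secured memory) must meet the criteria carried inside the data.
func Enable(plain []byte, model string, version int) ([]string, error) {
	var pl Payload
	if err := json.Unmarshal(plain, &pl); err != nil {
		return nil, err
	}
	if model != pl.Model || version < pl.MinVersion {
		return nil, ErrCriteria
	}
	return pl.Features, nil
}
```

The call order is Seal on the originating system, then Open and Enable inside the secured area. Open checks the signature before touching either key, so a modified ciphertext or a package signed by an unknown originator is rejected without any decryption taking place; Enable returns ErrCriteria rather than the feature codes when the device's model or software version falls outside the criteria the data carries.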
FIG. 5